Full title: 1996/97 Information security status survey: Consolidated results: Systems development.
Overview: The ISF's 1996/97 Information Security Status Survey was the most searching study ever conducted into the security of information systems in leading enterprises operating around the world. Surveyed organizations had a collective annual turnover of $450 billion. This report focussed on the effectiveness of the security arrangements applied to 96 systems development environments. The survey probed the key features of each development environment, the status of controls and the types of incident most likely to compromise systems development activity. Analysis of responses identified 'benchmark environments' with exceptionally effective security arrangements - effectiveness being demonstrated by substantially lower incident rates. The pattern of controls applied to these development environments is highly revealing about how IT risk can be managed down to an acceptable level.
Published by: European Security Forum (ESF)
Date published: August 1997
Status: Available to ISF Members.
Citicus role: A founder of Citicus developed the survey questionnaires for and in conjunction with the ESF management team, analysed responses, verified the integrity of key data and was the principal author of this report. Another founder of Citicus contributed to the data acquisition and analysis.